Security Resources

The safety and security of your finances is a primary concern for GRB.  Check this page for a variety of resources related to keeping your accounts safe.  Use the QuickLinks below to find what you need.

How GRB Protects Your Information

GRB is committed to protecting the personal information of our clients. GRBonline uses several different methods to protect users’ information, including multifactor authentication, secure tokens, and anomaly detection software. Additionally, all information within GRBonline uses the Secure Socket Layer (SSL) protocol for transferring data. SSL is a cryptosystem that create a secure environment for the information being transferred between your browser and GRB. All information transferred through GRBonlinehas 128-bit encryption; the highest level.

GRB will never request personal information by email or text message, including account numbers, passwords, personal identification, or any other confidential customer information. Fraudulent emails may be designed to appear as though they originated at GRB. DO NOT respond to any email that requests personal or confidential information and do not click on any links in such an email.

If we contact you, it will be done in a manner that protects your personal information and we will clearly identify ourselves. If you contact us, we may ask verifying questions.

Traveling Outside the U.S. and Canada?  Let GRB Know!

grb Travel Fraud Prevention vacation

GRB currently blocks ATM and Debit card transactions originating outside the U.S. and Canada to help reduce the risk of fraud.  In order to ensure uninterrupted card access when traveling, please contact GRB prior to your trip.  We can update your account to allow ATM and debit card transactions to select countries during your travel timeframe.  This will ensure your card access remains uninterrupted. 

We feel this additional verification process will help ensure that our customers are able to remain safe and secure when using their cards.  Please contact our customer service team at 585.249.1540 or stop in at a branch to make arrangements when you travel.

If at any time you suspect your cards may have been compromised, please contact our Fraud Center at 800.237.8990.

Fraud Alerts & Resources

GRB’s Fraud Prevention Service

When our systems detect potential fraud, you will be contacted in the following manner:

  • When potential fraud is detected, you will receive an automatic text notification or email notification from Genesee Regional Bank originating from the email address FRAUDCTR0879@GRBBANK.COM.  You can respond via text or you can call our Fraud Center at 800.237.8990 to confirm or deny fraud via the automated system or by speaking directly to a fraud specialist.
  • If there is no response received from you, five minutes after the email alert you will receive automatic phone calls to confirm or deny fraud.

Remember – our messages will never ask for your PIN or account number.

* The phone number for our Fraud Center is 800.237.8990. Add this number to your phone contacts and label it “GRB Fraud Center,” it will display whenever you get a call from this number.

How to Recognize and Avoid Phishing Scams

Excerpted from the Federal Trade Commission. Click here for the complete article from the FTC.

Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.

Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message.

Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.

Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. They may

  • Say they’ve noticed some suspicious activity or log-in attempts
  • Claim there’s a problem with your account or your payment information
  • Say you must confirm some personal information
  • Include a fake invoice
  • Want you to click on a link to make a payment
  • Say you’re eligible to register for a government refund
  • Offer a coupon for free stuff

What to Do If You Responded to a Phishing Email

If you think a scammer has your information, like your Social Security, credit card, or bank account number, go to IdentityTheft.gov. There you’ll see the specific steps to take based on the information that you lost.

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan.

How to Report Phishing

If you got a phishing email or text message, report it. The information you give can help fight the scammers.

Step 1. If you got a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).

Step 2. Report the phishing attack to the FTC at ftc.gov/complaint.

Protect Your Personal Information from Identity Theft

Follow these suggestions to help protect your personal information:

  • Always limit to whom you give your date of birth, mother’s maiden name, or other confidential information.
  • Do not be afraid to question why someone needs your personal information.
  • Minimize the amount of information you carry with you.
  • Remove old deposits slips, blank checks, and other items with confidential information that you do not need to carry from your wallet or purse.
  • Cancel credit cards that you don’t need.
  • Always guard passwords and PINs.
  • Limit the information on your personal checks to your name and address.
  • Do not leave in your vehicle, especially in plain view, any items with personal information such as insurance cards, vehicle registration, wallets, purses, or laptops.

If you think your identity has been stolen visit: identitytheft.gov

Visit the Federal Trade Commission’s site for additional resources on consumer identity theft.

Check Cashing Scams

Please take steps to avoid becoming the victim of a check deposit scam.  These scams are often targeted at younger accountholders with ATM and debit cards.  Fraudsters make contact with the victim (a helper), often via social media, and convince them that they need the helper’s assistance to cash a check.  The story will be good (stranded outside the country, accounts frozen, IRS threat, etc.).  Once the helper cashes the check, the fraudster asks for the helper’s ATM card and PIN number or, in a related scam, asks the helper to wire the money or buy gift cards and send them to him/her.  For their trouble, the helper is paid a finder’s fee — often up to half of the money deposited, which appears quite generous.  Unfortunately, once it is discovered that the check is fake, the helper has now become an accomplice to the crime AND is responsible for making restitution for all of the money.

To avoid becoming the victim in a check cashing scam always remember:

  1. Never let anyone use your account to facilitate a transaction, and especially if they request that you give them your ATM card and PIN, wire back funds, or purchase gift cards to pay them back. There is no legitimate reason for someone to pay or overpay you and then ask for the money back in another form.
  2. Never give out your ATM card or PIN.  Never.
  3. Be suspicious of jobs that pay your expenses using this methodology.  Secret Shopper scams are rampant.  You are “hired” as a Secret Shopper and paid in advance, via check, for your expenses.  Using those funds, you are instructed to test money transfer services like MoneyGram or Western Union or to buy gift cards and send photos of them to the fraudster.  When the check is discovered to be fraudulent, the unfortunate Secret Shopper is responsible for paying back all of the money from the fake check deposited into their account.

Credit Reporting Agencies

Equifax

P. O. Box 740241

Atlanta, GA  30374

To Report Fraud:  (800) 525-6285

To Order a Credit Report:  (800) 888-1111

Website: www.equifax.com

Experian

P. O. Box 2002

Allen, TX  75013

To Report Fraud: (888) 397-3742

To Order a Credit Report:  (888) 397-3742

Website: www.experian.com

TransUnion

Fraud Victim Assistance Dept.

P. O. Box 6790

Fullerton, CA 92834

To Report Fraud:  (800) 680-7289

To Order a Credit Report: (800) 888-4213

Website: www.transunion.com

Safely Managing Online Transactions for Your Business

As more and more of our financial transactions move online, fraud and identity theft are becoming an even more significant threat to financial institutions, businesses and individuals alike.  Cyber crime is always evolving and criminals are always looking for new technologies, and scams to secure information and data that can be used to attempt fraudulent activities.  Whether you are a business user or individual customers, it is important that you remain vigilant regarding your use of the online environment to conduct financial transactions.  This information is also provided to help you understand how GRB will conduct business in the event we need to contact you regarding your accounts:

The following represents GRB’s standard business practice regarding your online transactions:

GRB will never email, call, or otherwise ask you for key account information (i.e. username, password, electronic banking credentials, etc.).  No matter how “urgent” the email may seem, resist the temptation to respond to it and provide any kind of account or personal information.  If you ever have any questions about a request, please contact GRB directly.

GRB also encourages its clients to protect themselves and their identity by following best practices for online security, including:

  • Choose a secure user name password that utilizes a combination of lower and upper case letters, numbers and symbols.  It is also advisable to avoid using words from the dictionary 
  • Select different passwords for multiple accounts, don’t use the same password for everything
  • Change your passwords frequently
  • Keep your user name and password secure.  If you must write them down, avoid placing them in obvious places (under your keyboard, top desk drawer, etc.) 
  • Keep your anti-malware and anti-virus software solutions up to date and make sure all security and maintenance patches are installed in a timely manner
  • Make sure a firewall is in place when you are managing your financial transactions.  Avoid using Wi-Fi hotspots in coffee shops, restaurants, health clubs, etc. to complete financial transactions
  • Log off your accounts completely when you’re done conducting business (don’t just close the page or click on the “X”)
  • Do not allow your browser to save your login and password information for your financial accounts
  • Monitor your account activity on a regular basis and use your financial institution’s online capabilities to set up text notifications 

In addition, we recommend that business account holders conduct regular monitoring and management of their accounts for fraudulent behavior.  This could include making a list of the risks related to online transactions conducted by your business including:

  • Securing passwords that have been written down and left out in the open
  • Allowing individuals to share logins and passwords on accounts
  • Using old passwords or those that do not follow the recommended combination of letters, numbers and symbols as noted above
  • Addressing processes that lack a system of checks and balances by multiple employees
  • Failing to terminate the access rights of former employees in a timely manner
  • Allowing employees to have “solo” access to particular systems or Web sites which may make it difficult to terminate their access 
  • Lack of dual controls over individual access to online transaction capabilities including wire transfers, ACH Services, etc. 

Businesses can also reduce fraud risk by putting the following controls in place:

  • Using password-protected software solutions to house passwords
  • Designating specific computer(s) exclusively for online banking transactions
  • Training employees not to click on links or respond to requests for information in unsolicited emails.
  • Reporting any suspicion of viruses or computer performance issues to the appropriate authority at the company.
  • Conducting background checks on new – and existing – employees
  • Tracking the solutions and accounts to which each employee has access and initiating a policy and process to terminate access when they leave
  • Dividing certain responsibilities among two or more people to limit access or control by a single person
  • Setting various approval limits (i.e. by user, transaction type, etc.)
  • Conducting internal or third-party audits of your processes and controls and designate a team to take action on any findings
  • Using firewalls to protect the network from outside intrusion or hackers
  • Setting up visitor Internet and network access capabilities for vendors, partners and customers who may be on-site visiting.  Do not allow outsiders to gain direct access to your network

Federal regulations under the Electronic Fund Trasnsfer Act provide consumers with some protections for electronic fund transfers.  These federal laws establish limits on a consumer’s liability for unauthorized electronic fund transfers. They also provide specific steps you need to take to help resolve an error with your account.  Note, however, that in order to take advantage of these protections, you must act in a timely manner. Make sure you notify us immediately if you believe your access information has been stolen or compromised. Also, review your account activity and periodic statement and promptly report any errors or unauthorized transactions. See the Electronic Fund Transfer disclosures that were provided at account opening for more information on these types of protections. These disclosures are also available from GRB – ask us and we will gladly provide you with a copy.

Even though there are protections in place to help consumers, keep in mind that the disruption of fraud will still be time-consuming and require a significant amount of effort to make your accounts correct and secure again.  It is best to take steps to actively avoid giving cyber criminals the opportunity to make you a victim.

If you become aware of suspicious account activity, or receive any suspicious emails, you should immediately contact GRB at 585.249.1540.

Additional Resources to Help Your Business Prevent Fraud

Cybersecurity for Small Business website hosted by the Federal Trade Commission

Protecting Small Businesses website hosted by the Federal Trade Commission

CyberCrime website hosted by the Federal Bureau of Investigation

Internet Crime Complaint (iC3) page from the Federal Bureau of Investigation